Address review comments from https://boringssl-review.googlesource.com/#/c/11920/2
In https://boringssl-review.googlesource.com/#/c/11920/2, I addressed a number of comments but then forgot to upload the change before submitting it. This change contains the changes that should have been included in that commit. Change-Id: Ib70548e791f80abf07a734e071428de8ebedb907 Reviewed-on: https://boringssl-review.googlesource.com/12160 Commit-Queue: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
Adam Langley
CQ bot account: commit-bot@chromium.org
parent
123db57009
commit
d50f1c8e3d
@ -782,7 +782,7 @@ static bool TestFromBuffer() {
|
||||
return false;
|
||||
}
|
||||
|
||||
bssl::UniquePtr<X509> root(d2i_X509_from_buffer(buf.get()));
|
||||
bssl::UniquePtr<X509> root(X509_parse_from_buffer(buf.get()));
|
||||
if (!root) {
|
||||
return false;
|
||||
}
|
||||
@ -824,7 +824,7 @@ static bool TestFromBufferTrailingData() {
|
||||
}
|
||||
|
||||
bssl::UniquePtr<X509> root_trailing_data(
|
||||
d2i_X509_from_buffer(buf_trailing_data.get()));
|
||||
X509_parse_from_buffer(buf_trailing_data.get()));
|
||||
if (root_trailing_data) {
|
||||
fprintf(stderr, "TestFromBuffer: trailing data was not rejected.\n");
|
||||
return false;
|
||||
@ -846,7 +846,7 @@ static bool TestFromBufferModified() {
|
||||
return false;
|
||||
}
|
||||
|
||||
bssl::UniquePtr<X509> root(d2i_X509_from_buffer(buf.get()));
|
||||
bssl::UniquePtr<X509> root(X509_parse_from_buffer(buf.get()));
|
||||
if (!root) {
|
||||
return false;
|
||||
}
|
||||
@ -857,8 +857,8 @@ static bool TestFromBufferModified() {
|
||||
|
||||
if (i2d_X509(root.get(), nullptr) != static_cast<long>(data_len)) {
|
||||
fprintf(stderr,
|
||||
"TestFromBuffer: i2d_X509 gives different answer before marking as "
|
||||
"modified.\n");
|
||||
"TestFromBufferModified: i2d_X509 gives different answer before "
|
||||
"marking as modified.\n");
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -866,8 +866,8 @@ static bool TestFromBufferModified() {
|
||||
|
||||
if (i2d_X509(root.get(), nullptr) == static_cast<long>(data_len)) {
|
||||
fprintf(stderr,
|
||||
"TestFromBuffer: i2d_X509 gives same answer after marking as "
|
||||
"modified.\n");
|
||||
"TestFromBufferModified: i2d_X509 gives same answer after marking "
|
||||
"as modified.\n");
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -887,7 +887,7 @@ static bool TestFromBufferReused() {
|
||||
return false;
|
||||
}
|
||||
|
||||
bssl::UniquePtr<X509> root(d2i_X509_from_buffer(buf.get()));
|
||||
bssl::UniquePtr<X509> root(X509_parse_from_buffer(buf.get()));
|
||||
if (!root) {
|
||||
return false;
|
||||
}
|
||||
@ -903,7 +903,13 @@ static bool TestFromBufferReused() {
|
||||
X509 *ret = d2i_X509(&x509p, &inp, data2_len);
|
||||
if (ret != root.get()) {
|
||||
fprintf(stderr,
|
||||
"TestFromBuffer: d2i_X509 parsed into a different object.\n");
|
||||
"TestFromBufferReused: d2i_X509 parsed into a different object.\n");
|
||||
return false;
|
||||
}
|
||||
|
||||
if (root->buf != nullptr) {
|
||||
fprintf(stderr,
|
||||
"TestFromBufferReused: d2i_X509 didn't clear |buf| pointer.\n");
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -911,19 +917,18 @@ static bool TestFromBufferReused() {
|
||||
// following will trigger a use-after-free.
|
||||
data2.reset();
|
||||
|
||||
const long i2d_len = i2d_X509(root.get(), nullptr);
|
||||
uint8_t *i2d = nullptr;
|
||||
int i2d_len = i2d_X509(root.get(), &i2d);
|
||||
if (i2d_len < 0) {
|
||||
return false;
|
||||
}
|
||||
std::unique_ptr<uint8_t[]> i2d(new uint8_t[i2d_len]);
|
||||
uint8_t *outp = i2d.get();
|
||||
i2d_X509(root.get(), &outp);
|
||||
bssl::UniquePtr<uint8_t> i2d_storage(i2d);
|
||||
|
||||
if (!PEMToDER(&data2, &data2_len, kLeafPEM)) {
|
||||
return false;
|
||||
}
|
||||
if (i2d_len != static_cast<long>(data2_len) ||
|
||||
memcmp(data2.get(), i2d.get(), i2d_len) != 0) {
|
||||
memcmp(data2.get(), i2d, i2d_len) != 0) {
|
||||
fprintf(stderr, "TestFromBufferReused: i2d gave wrong result.\n");
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -150,7 +150,7 @@ IMPLEMENT_ASN1_FUNCTIONS(X509)
|
||||
|
||||
IMPLEMENT_ASN1_DUP_FUNCTION(X509)
|
||||
|
||||
X509 *d2i_X509_from_buffer(CRYPTO_BUFFER *buf) {
|
||||
X509 *X509_parse_from_buffer(CRYPTO_BUFFER *buf) {
|
||||
X509 *x509 = X509_new();
|
||||
if (x509 == NULL) {
|
||||
return NULL;
|
||||
|
||||
@ -638,11 +638,11 @@ OPENSSL_EXPORT int X509_NAME_digest(const X509_NAME *data,const EVP_MD *type,
|
||||
unsigned char *md, unsigned int *len);
|
||||
#endif
|
||||
|
||||
/* d2i_X509_from_buffer parses an X.509 structure from |buf| and returns a
|
||||
/* X509_parse_from_buffer parses an X.509 structure from |buf| and returns a
|
||||
* fresh X509 or NULL on error. There must not be any trailing data in |buf|.
|
||||
* The returned structure (if any) holds a reference to |buf| rather than
|
||||
* copying parts of it as a normal |d2i_X509| call would do. */
|
||||
OPENSSL_EXPORT X509 *d2i_X509_from_buffer(CRYPTO_BUFFER *buf);
|
||||
OPENSSL_EXPORT X509 *X509_parse_from_buffer(CRYPTO_BUFFER *buf);
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
OPENSSL_EXPORT X509 *d2i_X509_fp(FILE *fp, X509 **x509);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user